<?php
require_once('../../auth/auth.php');
 	
 	$login_id=$_POST['login_id'];    	 	  
	$password=$_POST['password'];    
	$new_password_1=$_POST['new_password_1'];  
	$new_password_2=$_POST['new_password_2']; 		
	 
include 'db_Connect.php';
	
	//Input Validations
	if($new_password_1 == '' && $new_password_2 == '' && $login_id != $_SESSION['SESS_USER_USERNAME']) {		
			$loginChange = "UPDATE User SET login_id='".$login_id."' WHERE user_id='".$_SESSION['SESS_USER_ID']."'";
			$result = mysql_query($loginChange);	//user update executes
			
			if($result){
				echo("<br>Login update succeeded");
				$_SESSION['SESS_USER_USERNAME'] = $login_id;

			} else{
				echo("<br> Login update failed");
			}	
	} else {		
		if (($new_password_1 == $new_password_2) && $new_password_1 != ''){			
			
			if($login_id == $_SESSION['SESS_USER_USERNAME']) {			
			
				$passwdChange = "UPDATE User SET  password='".SHA1($new_password_1)."' WHERE user_id='".$_SESSION['SESS_USER_ID']."'";
				$result = mysql_query($passwdChange);	//user update executes
				
				if($result){
					echo("<br>Password update succeeded");
	
				} else{
					echo("<br> Password update failed");
				}	
			} else {
				
				$profileChange = "UPDATE User SET  password='".SHA1($new_password_1)."', login_id='".$login_id."' WHERE user_id='".$_SESSION['SESS_USER_ID']."'";
				$result = mysql_query($profileChange);	//user update executes
				
				if($result){
					echo("<br>Username and Password update succeeded");
					$_SESSION['SESS_USER_USERNAME'] = $login_id;
				} else{
					echo("<br> Username and Password update failed");
				}	
				
			}
			
		} else {	
		
			if ($new_password_1 == ''){		
				$errmsg_arr[] = 'Nothing to update';
				$errflag = true;
				echo "Nothing to update";
			} else {
				$errmsg_arr[] = 'Passwords do not match';
				$errflag = true;
				echo "Passwords do not match";
				
			}
		}		
	}    
	
include 'db_Close.php';
?>

